• Programme
• Writing talks and theses
• Theses topics
• Teaching
  • Winter 2017
  • Summer 2017
  • IPEC Winter 2017
  • Winter 2016/2017
  • IPEC Summer 2016
  • Summer 2016
  • IPEC Winter 2016
  • Winter 2015/2016
  • IPEC Summer 2015
  • Summer 2015
  • IPEC Winter 2015
  • Winter 2014/2015
  • IPEC Summer 2014
  • Summer 2014
  • IPEC Winter 2014
  • Winter 2013/2014
  • IPEC Summer 2013
  • Summer 2013
  • IPEC Winter 2013
  • Winter 2012/2013
  • IPEC Summer 2012
  • Summer 2012
  • IPEC Winter 2012
  • Winter 2011/2012
  • IPEC Summer 2011
  • Summer 2011
  • IPEC Winter 2011
  • Winter 2010/2011
  • IPEC Summer 2010
  • Summer 2010
  • IPEC Winter 2010
  • Winter 2009/2010
  • IPEC Summer 2009
  • Summer 2009
  • IPEC Winter 2009
  • Winter 2008/2009
  • IPEC Summer 2008
  • Summer 2008
  • IPEC Winter 2008
  • Winter 2007/2008
  • Cryptography
  • Electronic Elections
  • Seminar Notions of Security
  • Seminar Malware
  • Seminar Advanced Topics in Cryptography
  • Oberseminar Computer Security, Winter 2007/08
  • IPEC Summer 2007
  • Summer 2007
  • IPEC Winter 2007
  • Winter 2006/2007
  • IPEC Summer 2006
  • Summer 2006
  • IPEC Winter 2006
  • Winter 2005/2006
• Special events
• crypt@b-it
• Schüler-Krypto

Efficient Steganography with Provable Security Guarantees

Yona Raekow (Fraunhofer SCAI, Bonn)

Thursday, 15 November, 2007, 1500 sharp (s.t), b-it 1.25 (cosec meeting room)

In steganography, Alice an Bob wish to communicate securely in the  presence of an adversary called the "Warden" that monitors whether  they exchange "conspicious" messages. There have been two approaches  in Steganography to solve this so called "prisoner's problem", one  based on information theory and one based on complexity theory.
In this talk we focus on the complexity theoretic approach and present  a stegosystem that is secure under complexity theoretic asssumptions.  Most steganographic constructions that come with provable security  guarantees are instantiations of the the so called  "rejection-sampling" procedure, that will be introduced in the talk.
Based on the rejection sampling procedure and a combinatorial  construction -  a function family that is almost t-wise independent -  a so called one-time stegosystem is developed, which is analogue to  the one-time pad in cryptography.
Given such a one-time stegosystem it is fairly straightforward to  construct provably secure steganographic encryption for longer  messages by using a pseudorandom number generator to stretch a random  seed that is shared between the sender and the receiver to sufficient  length.  The resulting stegosystem is provably secure under the assumption that  one-way functions exist.